CompTIA
CAS-003 · Question #720
CAS-003 Question #720: Real Exam Question with Answer & Explanation
The correct answer is C: CASB. A Cloud Access Security Broker (CASB) provides visibility and policy enforcement over cloud service usage, directly addressing the shadow IT risk of unsanctioned cloud storage.
Question
An information security officer reviews a report and notices a steady increase in outbound network traffic over the past ten months. There is no clear explanation for the increase. The security officer interviews several business units and discovers an unsanctioned cloud storage provider was used to share marketing materials with potential customers. Which of the following services would be BEST for the security officer to recommend to the company?
Options
- ANIDS
- BHIPS
- CCASB
- DSFTP
Explanation
A Cloud Access Security Broker (CASB) provides visibility and policy enforcement over cloud service usage, directly addressing the shadow IT risk of unsanctioned cloud storage.
Common mistakes.
- A. A Network Intrusion Detection System (NIDS) monitors traffic for known attack signatures but does not provide governance or visibility specifically over which cloud services employees are accessing.
- B. A Host Intrusion Prevention System (HIPS) monitors activity on individual endpoints but cannot identify or enforce policies against unsanctioned cloud service usage across the organization.
- D. SFTP is a secure file transfer protocol that could serve as a sanctioned alternative, but it does not detect, govern, or restrict the use of unauthorized third-party cloud storage services.
Concept tested. Cloud Access Security Broker (CASB) for shadow IT control
Reference. https://learn.microsoft.com/en-us/defender-cloud-apps/what-is-defender-for-cloud-apps
Community Discussion
No community discussion yet for this question.